Prerequisite: a running server with root SSH access
Commands
# Log in as root, change password, log out and back in to verify
ssh root@ip
passwd
exit
ssh root@ip# Add a sudo user
adduser user
usermod -aG sudo user# Edit SSH config
vim /etc/ssh/sshd_config# /etc/ssh/sshd_config
# Change / add the following lines
# ...
PermitRootLogin no
AuthenticationMethods publickey,password
Port 2222
# ...
# Add an allow rule for the newly set port, verify SSH configuration
ufw allow 2222/tcp
sshd -t# Copy SSH keys and verify, restart sshd
exit
ssh-copy-id root@ip
ssh-copy-id user@ip
ssh user@ip
exit
ssh root@ip
systemctl restart sshd# Delete the old firewall rule, exit and verify connectivity
ufw delete allow 22/tcp
exit
ssh user@ip
exit# Add an alias for your new server (getting tired of typing the IP)
vim ~/.ssh/config# ~/.ssh/config
# ...
Host server-name
User user
HostName ip-or-domain.com
Port 2222
# Copy dotfiles directory
scp -r .config user@server-name:~/# Update and upgrade, install all the goods
ssh server-name
sudo apt update && sudo apt upgrade
sudo apt install zsh zsh-syntax-highlighting wget curl git logrotate rsyslog neovim tmux tldr lf# Create symlinks for zsh, change shell to zsh
ln -s .config/zsh/zshrc .zshrc
ln -s .config/zsh/.zsh_history .zsh_history
chsh -s /bin/zsh
exit
ssh server-nameEOF